CMcC: The idea is to set up a user on a remote machine, and backup to it using rsync and ssh.

The original I took this from was written in PERL and is called rsnapshot [1]. I wasn't happy with it because it doesn't back up to a remote machine.

One nice feature is that it keeps complete snapshots of the directories which use hard links to save space - the total consumed for all of the snapshots should be proportional to the size of one copy plus the size of the changed files.

Because it relies upon ssh, and a dedicated user on a remote machine, there's a fair bit of setup required. It also depends on remote ssh tcl, from this Wiki.

It should be suitable for cron to run periodically, and you can expect all that nice rsync performance. Remove the -P argument to rsync to quieten it down for cron deployment. This should be a command line option, of course.

It needs frills like --exclude lists, etc, to be really finished.

snapshot uses ssh, which assumes the existence of an account on the remote machine with the following qualities: the remote account's login shell is tclsh, account login is not permitted.

The user running snapshot must have keys sufficient to ssh-connect to the remote account without password and without passphrase and must also have permissions sufficient to read the files it's trying to snapshot.

Important Security Note:

Needless to say, it's an inherently risky business to be providing networked services as root, even via sudo, and it's incumbent upon you, the user, to understand what you're doing and assure yourself that it's safe.

It is imperative that you edit /etc/sudoers to restrict the range of programs the backup user can run via sudo. If you don't, then anyone with the remote user's ssh key can run anything as root.

If you want to preserve times and owners you have to ensure user is in /etc/group under group sudo and add the following to /etc/sudoers "user ALL = /usr/bin/rsync", where user is the name of your remote account (to prevent the backup remote account from running anything/everything as root :)

If you don't care about the times, uid and gid, then knock out the sudos from both of the following files.